TTM4205

This is the official course website for TTM4205 Secure Cryptographic Implementations during Fall of 2025.

This course was taught for the first time during the fall semester of 2023. The course material and assignments from earlier semesters can be found here: 2023 and 2024. Furthermore, the grade distribution in this course can be found at karakterer.net/course/TTM4205, and I encourage you to check out the student evaluations from 2023 and 2024.

Course Description

The course covers how to implement, analyse, attack, protect and securely compose cryptographic algorithms in practice.
It goes in depth on how to implement computer arithmetic, attacking implementations using side-channel attacks and fault
injection, exploit padding oracles and low-entropy randomness, utilise techniques to defend against these attacks, and how
to securely design misuse-resistant APIs.

See the full course description at ntnu.edu/studies/courses/TTM4205.

Course Staff

Lecturer:   Tjerand Silde
Contact:    tjerand.silde@ntnu.no
Office:      Electro B225
Webpage:   tjerandsilde.no

Lab/Teaching Assistant: Caroline Sandsbråten
Contact:    caroline.sandsbraten@ntnu.no
Office:      Electro B211
Webpage:   carosa.no

Reference Group

Please reach out to be involved in the reference group.

Ed Forum

We use Ed as a forum in this course. More details will be available later.

Course Materials

The course materials are the lecture slides, references therein, and the assignments.
We do not require that you buy any books, but recommend the following literature:

1. Serious Cryptography by Jean-Philippe Aumasson at akademika.no
2. Real-World Cryptography by David Wong at akademika.no
3. The Hardware Hacking Handbook by Jasper van Woudenberg and Colin O’Flynn at akademika.no

Additional great resources in applied cryptography are:

• A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup at toc.cryptobook.us (freely available)
• Introduction to Modern Cryptography by Jonathan Katz and Yehuda Lindell at akademika.no or NTNU University Library

Portfolio Assignment

The evaluation in this course will consist of three assignments of 100 points total.

Weekly Problems (40 points)

This assignment will contain the following kinds of problems:

• Mathematical problems
• Coding problems
• CryptoHack problems

The problem set will be available in August.

ChipWhisperer Lab (20 points)

This assignment will contain side-channel attack (SCA) lab work using the ChipWhisperer Husky
or ChipWhisperer Level 1 equipment, which we will provide to all students who signed up for the
course. You have access to the CRYPTO-LAB in Electro A176 to work on the assignment.

The problem set will be available in August.

Technical Essay (40 points)

This assignment is to write a technical essay about a topic not covered by the
lectures or to cover a topic from the lectures in more depth. It is mandatory for
each group to present their work, but it does not count towards the final grades.

Most important guidelines:

• Groups of 2 or 3 students each
• Essays of roughly 8 to 10 pages
• Essays written in LaTeX
• Short oral presentations

The problem set will be available in August.

Deadlines:

• Topic/scope/group approval (mandatory, email): October 31st
• Short oral presentations (mandatory): November 17th or November 21nd
• Draft submission for feedback (voluntary): November 21nd
• Receive feedback on draft (voluntary): December 5th
• Final submission (mandatory): December 19th at 23:59.

Grading

We will use the official NTNU grading scale to assign combined grades.

Lecture Plan

We have the following sessions in lecture room R73 this semester:

• Mondays at 15:15-17:00: Lecture
• Fridays at 12:15-14:00: Lecture OR Lab
• Fridays at 14:15-16:00: Exercises OR Lab

(the schedule might be subject to small changes)

Week	Date	Format	Responsible	Topic	Resources
34	18/8	Lecture	Tjerand	Course Introduction
34	22/8	Lecture	Tjerand	Randomness 1: Entropy
34	22/8	Exercises	Caroline	Exercise Class
35	25/8	Lecture	Caroline	Randomness 2: Breaking ECDSA
35	29/8	Lecture	Tjerand	Randomness 3: Randomization
35	29/8	Exercises	Caroline	Exercise Class
36	1/9	Lecture	Tjerand	Legacy Crypto 1: Crypto Wars
36	5/9	Lecture	Tjerand	Legacy Crypto 2: Attacks on TLS
36	5/9	Exercises	Caroline	Exercise Class
37	8/9	Lecture	Tjerand	Post-Quantum Encryption
37	12/9	Lecture	Tjerand	Post-Quantum Signatures
37	12/9	Exercises	Caroline	Excercise Class
38	15/9	Lecture	Tjerand	Padding Oracles 1: CBC and SHA
38	19/9	Lecture	Tjerand	Padding Oracles 2: RSA Encryption
38	19/9	Lab	Caroline	Exercise Class
39	22/9	Lecture	Tjerand	Side-Channel Attack (SCA): Intro
39	26/9	Lab	Caroline	SCA Setup Tutorial
39	26/9	Lab	Caroline	SCA Lab 1 (2h)
40	29/9	Lecture	Tjerand	SCA on Symmetric Key Crypto
40	3/10	Lab	Caroline	SCA Lab 2 (4h)
41	6/10	Lecture	Caroline	SCA on Public Key Crypto
41	10/10	Lab	Caroline	SCA Lab 3 (4h)
41	13/10	Lecture	Tjerand	SCA on Post-Quantum Crypto
42	17/10	Lab	Caroline	SCA Lab 4 (4h)
43	20/10	Lecture	Tjerand	Crypto API Failures
43	24/10	Lecture	Tjerand	Commitments and Zero-Knowledge
43	24/10	Exercises	Caroline	Exercise Class
44	27/10	Lecture	Tjerand	Protocol Composition 1: RSA
44	31/10	Lecture	Tjerand	Protocol Composition 2: DLOG
44	31/10	Exercises	Caroline	Exercise Class
45	3/11	Lecture	Tjerand	Course Summary
45	7/11	No Class
46	10/11	Guest Lecture	Tjerand	Guest Lecture 1
46	14/11	Guest Lecture	Tjerand	Guest Lecture 2
46	14/11	Exercises	Caroline	Exercise Class
47	17/11	Presentations	Tjerand	Project Presentations
47	21/11	Presentations	Tjerand	Project Presentations
47	21/11	Exercises	Caroline	Exercise Class